On 31/12/2012, at 15:03, "Christopher M. Bailey" <chris@chrisbailey.au.com> wrote:
Hi Hannah,
Can you elaborate?
well... https://www.google.com.au/search?q=site:web.nvd.nist.gov+roundcube the last and worst time I got hacked on a server I help manage was due to roundcube and horribly insecure shell scripts called from its php. just bad programming practiced all around. I do concede it was the most functional open source webmail I had used at the time. Horde/IMP was also good, and frequently updated, while at least being more secure than roundcube after the hack, I decided webmail on servers i manage wasn't really worth while Hannah
hannah commodore <hannah@tinfoilhat.net> wrote: On 30/12/2012, at 21:08, chris@chrisbailey.au.com wrote:
I've just moved to Postfix from SendMail on a new hosting server I have built, just wanting to hear of any issues anyone has had, if any, with putting postfix in a chroot jail.
Config:- CentOS 6.3 x64 ISPConfig 3 Postfix 2.6.6 Roundcube Webmail client 0.7.3
if you are concerned with security, I'd entirely avoid running roundcube.. I've had nothing but trouble with it